MENDOZA IN THE NEWS

Preventing fraud, not just reacting once it occurs, should be the goal of every corporate compliance program, but business has a mixed record in encouraging employees to report suspected misconduct internally, speakers at a Thomson Reuters forum said Tuesday.

Preventing fraud and encouraging internal reporting has also been mandatory for public companies since 2002. Among other things, Section 301 of the Sarbanes-Oxley Act requires issuers’ audit committees to establish procedures for employees to confidentially and anonymously submit concerns over questionable accounting or auditing matters. And Section 806 of Sarbanes-Oxley generally prohibits issuers from retaliating against employees for raising these concerns.

And in 2010 the Dodd-Frank Act directed the Securities and Exchange Commission to establish a program to protect whistleblowers from retaliation and to reward them for voluntarily providing actionable original information that leads to recoveries of $1 million or more for securities violations. The SEC in August 2012 announced the first award under its program, which is codified as Rule 21F-1 et seq. under the Securities Exchange Act of 1934.

But many internal reporting programs and “hotlines” are not as effective as they could be because they do not take into account how and why people and organizations act, said Ann Tenbrunsel, a professor of business ethics at Notre Dame University.

Unethical behavior is repeated because “most interventions ignore the psychology of people being confronted with ethical dilemmas,” Tenbrunsel said. People have “blind spots” and misperceive how they and others act in the face of such confrontations, and so do entities, whether they are governmental, business or non-profits, Tenbrunsel said.